CVSS: 7.5EPSS: 1%CPEs: 59EXPL: 0CVE-2013-2907 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2907
02 Oct 2013 — The Window.prototype object implementation in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. La implementación del objeto Window.prototype en Google Chrome anterior a 30.0.1599.66 permite a atacantes remotos causar una denegación de servicio (lectura fuera de límites) a través de vectores sin especificar. Multiple vulnerabilities have been reported in Chromium and V8, worst of which may allow execution of arbitrary code. V... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2924 – Gentoo Linux Security Advisory 201402-14
https://notcve.org/view.php?id=CVE-2013-2924
02 Oct 2013 — Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome before 30.0.1599.66 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Vulnerabilidad de uso después de liberación en International Components for Unicode (ICU), tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66 y otros productos, permite a atacantes remotos causar una denegación de servicio o posibleme... • http://bugs.icu-project.org/trac/ticket/10318 • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 1%CPEs: 60EXPL: 0CVE-2013-2914
https://notcve.org/view.php?id=CVE-2013-2914
02 Oct 2013 — Use-after-free vulnerability in the color-chooser dialog in Google Chrome before 30.0.1599.66 on Windows allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to color_chooser_dialog.cc and color_chooser_win.cc in browser/ui/views/. Vulnerabilidad de uso después de liberación en el diálogo color-chooser en Google Chrome anterior a la versión 30.0.1599.66 en Windows permite a atacantes remotos causar una denegación de servicio o posiblemente tener ... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 1%CPEs: 59EXPL: 0CVE-2013-2906 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2906
02 Oct 2013 — Multiple race conditions in the Web Audio implementation in Blink, as used in Google Chrome before 30.0.1599.66, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to threading in core/html/HTMLMediaElement.cpp, core/platform/audio/AudioDSPKernelProcessor.cpp, core/platform/audio/HRTFElevation.cpp, and modules/webaudio/ConvolverNode.cpp. Condiciones de carrera múltiple en la implementación Web Audio en Blink, tal como se utiliza en Google Chrome... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2912 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2912
02 Oct 2013 — Use-after-free vulnerability in the PepperInProcessRouter::SendToHost function in content/renderer/pepper/pepper_in_process_router.cc in the Pepper Plug-in API (PPAPI) in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a resource-destruction message. Vulnerabilidad de uso después de liberación en la función PepperInProcessRouter::SendToHost en el Pepper Plug-in API (PPAPI) en Google Chrome anterior a la ve... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 1%CPEs: 64EXPL: 0CVE-2013-2919 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2919
02 Oct 2013 — Google V8, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. Google V8, tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto sin especificar a través de vectores desconocidos. Multiple vulnerabilities have been reported in Chromium and V8, ... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2920 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2920
02 Oct 2013 — The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com/ substring. La función DoResolveRelativeHost en url/url_canon_relative.cc en Google Chrome anteriores a 30.0.1599.66 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de un... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 59EXPL: 0CVE-2013-2916 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2916
02 Oct 2013 — Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code, in conjunction with a delay in notifying the user of an attempted spoof. Blink, tal como se utiliza en Google Chrome anterior a la versión 30.0.1599.66, permite a atacantes remotos falsificar la barra de direcciones a través de vectores que involucren una respuesta con un código de estado 204, en conjunción con un retraso en la notifi... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html •
CVSS: 9.8EPSS: 2%CPEs: 59EXPL: 0CVE-2013-2911 – Gentoo Linux Security Advisory 201403-01
https://notcve.org/view.php?id=CVE-2013-2911
02 Oct 2013 — Use-after-free vulnerability in the XSLStyleSheet::compileStyleSheet function in core/xml/XSLStyleSheetLibxslt.cpp in Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of post-failure recompilation in unspecified libxslt versions. Vulnerabilidad de uso después de liberación en la función XSLStyleSheet::compileStyleSheet en core/xml/XSLStyleSheetLibxslt.cpp en Blink, tal como se u... • http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 52EXPL: 0CVE-2013-2905 – Debian Security Advisory 2741-1
https://notcve.org/view.php?id=CVE-2013-2905
21 Aug 2013 — The SharedMemory::Create function in memory/shared_memory_posix.cc in Google Chrome before 29.0.1547.57 uses weak permissions under /dev/shm/, which allows attackers to obtain sensitive information via direct access to a POSIX shared-memory file. La función SharedMemory::Create en memory/shared_memory_posix.cc en Google Chrome anterior a v29.0.1547.57 utiliza permisos débiles en /dev/shm/, lo que permite a atacantes obtener información sensible a través de un acceso directo a un fichero POSIX de memoria com... • http://crbug.com/254159 • CWE-264: Permissions, Privileges, and Access Controls •